Projects

The objective of this project is to deliver an innovative technology that enables an efficient, fast and seamless exchange of clinical data among mobile devices, ensuring at the same time that the data sharing is made in a secure way. This means that such data exchange should not create risks of violating confidentiality and privacy that are particularly important when dealing with clinical and medical information. Moreover, the project aims to create a framework and technological
solution for trusted and secure exchange of data in a mobile, heterogeneous environment, in which information can be accessed also from mobile devices as smart phones or Personal Digital Assisstants (PDAs). Indeed mobile systems provide a very promising platforms for mobile healthcare.
The MobiCare project will deliver a framework for data protection based on data sharing policies for mobile devices. The importance and advantages of this approach become especially important with the significant demands of secure mechanisms for collaboration and data sharing among different organizations, e.g., clinical data sharing among physicians, patients and researchers through secure clinical information systems. The application of the project framework to an healthcare scenario makes this framework very actual.
The proposed architecture covers three steps of the data exchange, starting from the modeling of the data sharing policies, at a high level of abstraction, to the enforcing of these policies, at low enforceable level of abstraction, in order to guarantee that the exchange of data between different
devices is done in a secure way, without accidentally or maliciously mishandled of data.

The goal of the CONTRAIL project is to design, develop and promote an integrated approach for Cloud federation. The CONTRAIL platform will provide services for federating IaaS Clouds, and both Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) on top of federated Clouds. The CONTRAIL platform will include an enhanced security support based on federated identity management and authentication, and usage control of Cloud resources tailored for the Cloud Federation requirements.

The Network of Excellence on Engineering Secure Future Internet Software Services and Systems (NESSoS) aims at constituting and integrating a long lasting research community on engineering secure software-based services and systems.
The NESSoS engineering of secure software services is based on the principle of addressing security concerns from the very beginning in system analysis and design, thus contributing to reduce the amount of system and service vulnerabilities and enabling the systematic treatment of security needs through the engineering process. In light of the unique security requirements the Future Internet will expose, new results will be achieved by means of an integrated research, as to improve the necessary assurance level and to address risk and cost during the software development cycle in order to prioritize and manage investments. NESSoS will integrate the research labs involved; NESSoS will re-address, integrate, harmonize and foster the research activities in the necessary areas, and will increase and spread the research excellence. NESSoS will also impact training and education activities in Europe to grow a new generation of skilled researchers and practitioners in the area. NESSoS will collaborate with industrial stakeholders to improve the industry best practices and support a rapid growth of software-based service systems in the Future Internet.
The research excellence of NESSoS will contribute to increase the trustworthiness of the Future Internet by improving the overall security of software services and systems. This will support European competitiveness in this vital area.

Secure! is a research project funded by the Tuscany region that aims to create an innovative decision support system in terms of public safety, private and civil protection.
Secure! exploits the widespreading of social media and the emergence of crowdsensing and crowdsourcing technologies to put together the collection of information and the coordination of the monitoring and intervention activities in the territory. The overall objective of the project Secure! is actually to try to prevent or anticipate events and emergencies that could affect the public and/or critical infrastructure safety in order to respond quickly and accurately optimizing the management of the emergency.
The project Secure! studies, defines and implements techniques and components to: 1) acquire and collect data from multiple sources and heterogeneous as social media, applications crowdsensing, sensor networks and information systems; 2) extract, analyze and integrate information, not always structured (such as text, images, etc.), from these sources; 3) make decisions, integrating knowledge management techniques for the determination of situation awareness and practical reasoning for the management of the operational plans of action

The realization of a Smart City is a very complex and a long-term process: it is necessary a fundamental understanding of the local reality, the needs of the community and of the single persons, of the critical issues and the services that must be managed and secured. The e-health services are a fundamental step towards the realization of a smart city in terms of social health. In this context, the e-SHS project not only takes care of e-health services, particularly for frail individuals, but it offers innovative tools for their social inclusion and for an increased social solidarity. The main objective of e-SHS is the realization of a platform of personal and customized services based on the use of innovative and non-invasive ICT technologies in the field of health and social solidarity. The system is user-patient centred (persons proned to clinical risks and/or to a social exclusion), in the sense that services are defined and developed for monitoring and supporting his illness and his lifestyle in order to improve his quality of life and to increase the autonomy and independence in his daily activities, both at home and in outdoor environments.

The TENACE project will investigate the protection of national critical infrastructures from cyber threats following a collaborative approach whenever appropriate. TENACE will address three scenarios: financial infrastructures, power grid and transportation systems that represent three widely different settings with distinct interdepencies, threats, vulnerabilities and possible countermeasures. TENACE has the objective of defining collaborative technical and organizational methodologies to raise the protection of such CIs with the specific target of looking at the common steps in order to develop a unifying metodology and understanding the underground economics fuelling an attacker. The study of specific CI vulnerabilities and related attacks will drive the development of algorithms, models, architectures and tools as the means to enable the effective protection of critical infrastructures enhancing their degree of security and dependability by considering a continuously evolving adversary. TENACE will address cyber attacks, combination of cyber and physical attacks and cyber fraudes in the context of power grids, transportation and financial inrastructures respectively. TENACE will integrate results developed by specific research groups in order to generate solutions addressing complex attacks in each specific CI scenario. Such solutions will be validated against real data sets

This project aims at developing a rigorous methodology and a language-based framework that will provide formal methods to support software engineers when they design, implement and maintain secure systems. This support will span all the software development phases: specification, design, implementation, validation, including verification and testing. To this end, we will study models and specification languages that allow one to formally express the many facets of online services and of their hosting infrastructures. The methodology we aim at will rely on logically based theories, on game theory, and on the formal semantics of languages. Our framework will offer tools for formally analyzing the behavior of systems, both at design-time and at run-time, and tools for securely composing them, monitoring their execution and evaluating/reducing the risk of misbehavior. The existing analysis tools (developed by the programming languages community and by the formal security one) are not up to this task but instead require significant extensions to take care of the distributed nature of the systems of interest and of the impact that quantitative aspects of their behavior have on the usability of software services and infrastructures.

The major goal of the project is to provide a realistic roadmap for improving resilience against cybercrime and cyber terrorism. Where should taxpayer money be invested for research purposes? What are the challenges? What approaches should be taken to tackle these challenges? Once possible solutions are found how should the results be tested and evaluated to demonstrate effectiveness?
The project uses a holistic approach, analysing functions and capabilities addressing technical and human issues which are inter-related with legal and ethical aspects. On the human front, the project will address the wide spectrum of players including technicians, end users and their intermediaries, including administrators, policy makers, regulators and of course the instigators of cybercrime who in fact populate across the whole spectrum.

Coco Cloud aims at allowing the cloud users to securely and privately share their data in the cloud. This will increase the trust of users in the cloud services and thus increase their widespread adoption with consequent benefits for the users and in general for digital economy. Coco Cloud will facilitate the writing, understanding, analysis, management, enforcement and dissolution of data sharing agreements, going from high level descriptions (close to natural language) to system enforceable data usage policies, and it will consider the most appropriate enforcing mechanisms depending on the underlying infrastructure and context for enforcing data usage policies. Coco Cloud will also address key challenges for legally compliant data sharing in the cloud. By taking a âcompliance by designâ approach, the project places an early emphasis on understanding and incorporating legal and regulatory requirements into the data sharing agreements.

The SESAMO project addresses the root causes of problems arising with convergence of safety and security in embedded systems at architectural level, where subtle and poorly understood interactions between functional safety and security mechanisms impede system definition, development, certification, and accreditation procedures and standards. Intense market innovation is being held back by this root cause: the absence of a rigorous theoretical and practical understanding of safety and security feature interaction. The proposed solution is to develop a component-oriented design methodology based upon model-driven technology, jointly addressing safety and security aspects and their interrelation for networked embedded systems in multiple domains (e.g., avionics, transportation, industry control).